thanks @lokori this is a great box! Love the privesc
ive learnt a lot from this box via privsec thanks a lot for this box @lokori
any doubts feel free to pm me or hit me up on discord [ Ruthvik#7626 ]
Do privesc is a âprinterâ thing on this box?
I enjoyed getting this one done. Frustrating to not have the initial entry as easy as I thought but a sanity check by @Frey of my ideaâs pointed out my mistake. Keeping it simple was the way. Root was relatively easy if you look at the right stuff, which in a way is hinted at on the box itself as well. Thanks @lokori
I finaly got root ! I was to the right way but I donât handerstand why the âpresentâ is wrong but the âpastâ is right. Anyway, it was a good box and I learned a lot. Thankâs @lokori
Any hint or direction to get user shell? Is it related to feed?
I have some questions about general ssh key formatting, can someone PM me?
@J3rryBl4nks said:
I have some questions about general ssh key formatting, can someone PM me?
PMâd
@johnny87 said:
Any hint or direction to get user shell? Is it related to feed?
About some formatting data
I have run DirBuster with directory-list-2.3-small.txt , but is a looong wayâŚwhat about extension? How to define if php is right extension option?
gobuster -u âMACHINEURLâ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
Thatâs the syntax I usually use for HTB machines.
@drtychai said:
@n1b1ru said:
@Snoe said:
@Didakt said:
Rooted !
Very cool box, thanks to the creatorAnd the first hint some one gave for priv esc was just perfect :
âFar far ago, there was a man that could view back into the past, and see alternated versions of realities , how did he do that mate?â
Think about it !
Thanks for the box
Same. That guy really showed me the way to privesc.
I really read the past and I didnât find anything relevant. Stucked in priv
Go farther back
Buuffff farther from history ? Anyway I was thinking in taking a Delorean. LOL !!!
@J3rryBl4nks said:
gobuster -u âMACHINEURLâ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txtThatâs the syntax I usually use for HTB machines.
Thanks a lot mate!
Anyone to PM?
I got the user, working on root. I got something related to a protocol but I canât figure out whats missing. Could someone shoot me a PM?
I can read the file and get user flag. But I can not form a shell. Could someone shoot me a PM?
@Vex20k said:
I got the user, working on root. I got something related to a protocol but I canât figure out whats missing. Could someone shoot me a PM?
back to the past Marty !
Got user!!! Time to root!!
Hi,
I found were my uploads are stored, i can read them. I tried uploading php reverse shell as xml, get some error, cant execute, but still can read it with curl.
I need a hint